2024 – Page 14 – CYNET-CSIRT

MAR-10448362-1.v1 Volt Typhoon

Notification This report is provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained herein.…

Comments Off

February 8, 2024

Current Activity

CISA and Partners Release Advisory on PRC-sponsored Volt Typhoon Activity and Supplemental Living Off the Land Guidance

Today, CISA, the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory (CSA), PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S.…

Comments Off

February 8, 2024

Alerts

PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure

SUMMARY The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Federal Bureau of Investigation (FBI) assess that People’s Republic of China (PRC) state-sponsored cyber actors are seeking…

Comments Off

February 8, 2024

Bulletins

Vulnerability Summary for the Week of January 29, 2024

High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info 60indexpage_project -- 60indexpage A vulnerability classified as critical has been found in 60IndexPage up to…

Comments Off

February 6, 2024

Current Activity

Juniper Networks Releases Security Bulletin for Juniper Secure Analytics

Juniper Networks released a security bulletin to address multiple vulnerabilities affecting Juniper Secure Analytics optional applications. A cyber threat actor could exploit one of these vulnerabilities to take control of…

Comments Off

February 3, 2024

Current Activity

Moby and Open Container Initiative Release Critical Updates for Multiple Vulnerabilities Affecting Docker-related Components

Moby and the Open Container Initiative (OCI) have released updates for multiple vulnerabilities (CVE-2024-23651, CVE-2024-23652, CVE-2024-23653, CVE-2024-21626) affecting Docker-related components, including Moby BuildKit and OCI runc. A cyber threat actor…

Comments Off

February 2, 2024

Current Activity

CISA and FBI Release Secure by Design Alert Urging Manufacturers to Eliminate Defects in SOHO Routers

Today, CISA and the Federal Bureau of Investigation (FBI) published guidance on Security Design Improvements for SOHO Device Manufacturers as a part of the new Secure by Design (SbD) Alert…

Comments Off

February 1, 2024

Current Activity

Juniper Networks Releases Security Bulletin for J-Web in Junos OS SRX Series and EX Series

Juniper Networks released a security bulletin to address multiple vulnerabilities for J-Web in Junos OS SRX Series and EX Series. A cyber threat actor could exploit one of these vulnerabilities…

Comments Off

January 30, 2024

Bulletins

Vulnerability Summary for the Week of January 22, 2024

High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info 60indexpage -- 60indexpage A vulnerability classified as critical has been found in 60IndexPage up to…

Comments Off

January 30, 2024

Current Activity

Guidance: Assembling a Group of Products for SBOM

Today, CISA published Guidance on Assembling a Group of Products created by the Software Bill of Materials (SBOM) Tooling & Implementation Working Group, one of the five SBOM community-driven workstreams facilitated by…

Comments Off

January 27, 2024